Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Manage Vendor Risk as if It Were Your Own

171 visualizaciones

Publicado el

Find out why it's so important to take this approach when managing vendor risk.

Publicado en: Tecnología
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Manage Vendor Risk as if It Were Your Own

  1. 1. Governance, risk, and compliance Manage vendor risk as if it were your own Teresa Law Sr. PMM GRC ServiceNow Julia Lake Sr. Manager Cloud Compliance ServiceNow
  2. 2. 2 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Agenda • Managing vendor risk • ServiceNow vendor risk management • Realized benefits of vendor risk management • Questions? © 2018 ServiceNow, Inc. All Rights Reserved. Confidential.
  3. 3. 3 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Your company is faced with increasing challenges and demands Vendor Risks Compliance Guidelines New Standards Internal Risk Reduction Initiatives Changing Regulations Cyber Risks
  4. 4. 4 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Vendors represent cyber and regulatory risks Manage your vendor risk as if they are your own IT software vendors Outsourcers Consultants Affiliates Resellers Distributors
  5. 5. 5 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Manual and time-consuming processes (Excel, email, meetings) Vendor risk processes and tools can’t keep up The vendor risk old work model is inefficient The problem XL S
  6. 6. 6 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Legal HR IT Siloed processes and organizations lead to missed communications Manual and time-consuming processes (Excel, email, meetings) Vendor risk processes and tools can’t keep up The vendor risk old work model is inefficient The problem XL S
  7. 7. 7 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. No visibility into overall program activities and vendor risk posture Siloed processes and organizations lead to missed communications Manual and time-consuming processes (Excel, email, meetings) Vendor risk processes and tools can’t keep up The vendor risk old work model is inefficient The problem XL S Legal HR IT
  8. 8. 8 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Now on Now: ServiceNow challenges Poor Vis ibility Manual R es our c e Planning Email and Sp r e a d s h e e t Bas ed C onnec ting Ineffic ienc ies
  9. 9. 9 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk is real SUFFERED REPUTATIONAL DAMAGE 3 16.7% NON-COMPLIANT WITH REGULATORY FRAMEWORKS 3 26% INCREASE IN COST OF A DATA BREACH IF A THIRD PARTY IS INVOLVED 1 1. Ponemon Institute Cost of a Data Brach report 2017 2. Ponemon Institute Tone at the Top report, May 2016 3. Deloitte Third-Party GRC Survey 2017 12% Internet of Things (IoT) and migration to the cloud will increase third party risk $3.4M $3.8M COST OF RESPONDING TO THIRD-PARTY BREACHES OVER THE PREVIOUS 12 MONTHS2 $10M
  10. 10. 10 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Vendor Risk Management Now Platform™ User experiences Service experiences Service intelligence Community Service Portal Service Catalog Status Notifications Knowledge Base Integration and APIs Low Code Dev Tools Service Aware CMDB Visual TaskboardsWorkflow Time-series Database Actionable Analytics Anomaly Detection Supervised Machine Learning Peer Benchmarks Policy and Compliance Management Risk Management Audit Management Introducing ServiceNow vendor risk management
  11. 11. 11 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Onboard vendor
  12. 12. 12 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Onboard vendor
  13. 13. 13 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Onboard vendor
  14. 14. 14 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Onboard vendor
  15. 15. 15 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Remediate issues Onboard vendor
  16. 16. 16 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Remediate issues Report risks Onboard vendor
  17. 17. 17 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Remediate issues Report risks Monitor Onboard vendor
  18. 18. 18 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Remediate issues Report risks Monitor Onboard vendor Retire
  19. 19. 19 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Third-party risk management process Tier Assess Generate findings Remediate issues Report risks Monitor Onboard vendor Retire
  20. 20. 20 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors Vendor Catalog
  21. 21. 21 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors Vendor Catalog Internal Tiering Assessment
  22. 22. 22 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors Vendor Catalog Internal Tiering Assessment Security Score provider integration
  23. 23. 23 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors Vendor Catalog Legal IT HR Vendor portal Issues and Remediation Deadlines Assessments Contacts Internal Tiering Assessment Security Score provider integration
  24. 24. 24 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors GRC Integration Vendor Catalog Legal IT HR Vendor portal Issues and Remediation Deadlines Assessments Contacts Internal Tiering Assessment Security Score provider integration
  25. 25. 25 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Reduce risk posed by your vendors GRC Integration Vendor Catalog Legal IT HR Vendor portal Issues and Remediation Deadlines Assessments Contacts Internal Tiering Assessment Security Score provider integration
  26. 26. Demo
  27. 27. 27 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Worked with product team to develop VRM tool Integrated processes between HI and Surf Matured the tool in Surf Two-instance solution for collaboration on vendor risk Manual vendor risk assessment asset Vendor risk management journey • Enterprise policy management • Risk assessment • Controls management • Audit and workpaper management • Control test • Control certification • Dashboards • Issue and remediation tracking • Compliance status tracking • Continuous controls monitoring • Legal GRC phase 1 • IT GRC phase 1 • Audit request management • Full adoption of Legal and IT Security GRC for risk and compliance • Continuous controls monitoring for third-party apps • Reporting and transparency capabilities GRC Planned for FY19GRC Current Functionality
  28. 28. 28 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Now on Now: Vendor risk management value outcomes 75% Reduction in back- and-forth emails 7% Reduction in cycle time 46K Hours saved annually in closing reports $668K Saved annually by increasing capacity without increasing headcount
  29. 29. 29 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Improve your risk and compliance posture and effectively communicate it across departments and to the board Monitor, Prioritize, and Automate Response to Third-Party Risk CONTROL YOUR RISK EXPOSURE Continuously monitor to detect vendor changes in real time, at scale INCREASE PERFORMANCE AND PRODUCITIVITY Automate processes and consistent workflows across your vendor ecosystem IMPROVE STRATEGIC PLANNING AND DECISION MAKING Risk scoring and effortless collaboration drive critical risks to closure
  30. 30. 30 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. ServiceNow GRC is industry recognized ServiceNow continuous monitoring provides “maximize flexibility, increased performance, and enhanced detection and response” ServiceNow is one of the “top 10 solutions customers should know” ServiceNow is a LEADER in Gartner’s inaugural Integrated Risk Management (IRM) Magic Quadrant.
  31. 31. 31 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from ServiceNow. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. ServiceNow Named a Leader in the 2018 Gartner Magic Quadrant for Integrated Risk Management READ REPORT Source: Gartner, Inc., Magic Quadrant for Integrated Risk Management, John A. Wheeler, Jie Zhang, Earl Perkins, July 16 2018 ID: G00323128
  32. 32. 32 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. We want to hear from you ServiceNow UserGroups NowForums Knowledge Events Design Partner Program Lighthouse Program Product Advisory Council Programs GRC Community Thousands of active members from all geographies, industries, company sizes Community
  33. 33. 33 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. Q & A Thank you for joining us. Teresa Law Sr. PMM GRC ServiceNow Julia Lake Sr. Manager Cloud Compliance ServiceNow
  34. 34. 34 © 2018 ServiceNow, Inc. All Rights Reserved. Confidential. On-demand webinars ON-DEMANDCheck out our on-demand webinars at www.servicenow.com

×